Privacy Momentum Increases in Congress

Three major privacy bills were introduced in the US Senate yesterday. After a very slow start to the year on privacy legislation, publicity over recent data breaches has energized legislators.

Senator Mark Pryor (D-AR), Chairman of the Subcommittee on Consumer Protection, Product Safety and Insurance, introduced S-1207, the “Data Security and Breach Notification Act.” Like the House bill that was the subject of a hearing yesterday, it would require that entities holding personal information takes measures to secure it and to notify consumers in the event of a breach. But unlike Representative Bono Mack’s bill, the Senate measure includes additional requirements on “data brokers”. The broad definition could be construed to include private investigators.

Senator Dianne Feinstein, (D-CA) reintroduced her bill to limit the display and sale of Social Security numbers. S-1199, the “Protecting the Privacy of Social Security Numbers Act” includes a “business to business” exception to limitations of the use of SSN’s. NCISS prefers specific language in legislation to make clear that access to SSN’s be available for the conduct of lawful investigations.

Also, Senator Ron Wyden (D-OR) introduced S-1212, a bill which would prohibit the use of GPS tracking devices. It is the companion to legislation introduced previously in the House by Rep.Chaffetz (R-UT).

The Legislative Committee will be reviewing all these bills and is working to communicate the concerns of the profession to Members of Congress.